diff options
| author | Greg Roach <fisharebest@webtrees.net> | 2020-01-23 09:39:38 +0000 |
|---|---|---|
| committer | Greg Roach <fisharebest@webtrees.net> | 2020-01-23 09:39:38 +0000 |
| commit | f6924bc8aa0cd5eec0d5ec301d59ae0fb3c66217 (patch) | |
| tree | d8bb4d57a55c8ba11183639e65232e4952eb98e4 /app/Http | |
| parent | 027478c23a63b5681d8d4ac05fec614b75acb7ba (diff) | |
| download | webtrees-f6924bc8aa0cd5eec0d5ec301d59ae0fb3c66217.tar.gz webtrees-f6924bc8aa0cd5eec0d5ec301d59ae0fb3c66217.tar.bz2 webtrees-f6924bc8aa0cd5eec0d5ec301d59ae0fb3c66217.zip | |
Enforce access level for blocks
Diffstat (limited to 'app/Http')
| -rw-r--r-- | app/Http/RequestHandlers/TreePage.php | 8 | ||||
| -rw-r--r-- | app/Http/RequestHandlers/TreePageDefaultEdit.php | 17 | ||||
| -rw-r--r-- | app/Http/RequestHandlers/TreePageEdit.php | 10 | ||||
| -rw-r--r-- | app/Http/RequestHandlers/TreePageUpdate.php | 10 | ||||
| -rw-r--r-- | app/Http/RequestHandlers/UserPage.php | 6 | ||||
| -rw-r--r-- | app/Http/RequestHandlers/UserPageDefaultEdit.php | 17 | ||||
| -rw-r--r-- | app/Http/RequestHandlers/UserPageEdit.php | 10 | ||||
| -rw-r--r-- | app/Http/RequestHandlers/UserPageUpdate.php | 11 |
8 files changed, 68 insertions, 21 deletions
diff --git a/app/Http/RequestHandlers/TreePage.php b/app/Http/RequestHandlers/TreePage.php index b0e02b034e..0466bc8213 100644 --- a/app/Http/RequestHandlers/TreePage.php +++ b/app/Http/RequestHandlers/TreePage.php @@ -19,6 +19,7 @@ declare(strict_types=1); namespace Fisharebest\Webtrees\Http\RequestHandlers; +use Fisharebest\Webtrees\Contracts\UserInterface; use Fisharebest\Webtrees\Http\ViewResponseTrait; use Fisharebest\Webtrees\Module\ModuleBlockInterface; use Fisharebest\Webtrees\Services\HomePageService; @@ -61,6 +62,9 @@ class TreePage implements RequestHandlerInterface $tree = $request->getAttribute('tree'); assert($tree instanceof Tree); + $user = $request->getAttribute('user'); + assert($user instanceof UserInterface); + $has_blocks = DB::table('block') ->where('gedcom_id', '=', $tree->id()) ->exists(); @@ -81,8 +85,8 @@ class TreePage implements RequestHandlerInterface } return $this->viewResponse('tree-page', [ - 'main_blocks' => $this->home_page_service->treeBlocks($tree->id(), ModuleBlockInterface::MAIN_BLOCKS), - 'side_blocks' => $this->home_page_service->treeBlocks($tree->id(), ModuleBlockInterface::SIDE_BLOCKS), + 'main_blocks' => $this->home_page_service->treeBlocks($tree, $user, ModuleBlockInterface::MAIN_BLOCKS), + 'side_blocks' => $this->home_page_service->treeBlocks($tree, $user, ModuleBlockInterface::SIDE_BLOCKS), 'title' => e($tree->title()), 'tree' => $tree, 'meta_robots' => 'index,follow', diff --git a/app/Http/RequestHandlers/TreePageDefaultEdit.php b/app/Http/RequestHandlers/TreePageDefaultEdit.php index 4073e8e6e4..777770c496 100644 --- a/app/Http/RequestHandlers/TreePageDefaultEdit.php +++ b/app/Http/RequestHandlers/TreePageDefaultEdit.php @@ -19,14 +19,17 @@ declare(strict_types=1); namespace Fisharebest\Webtrees\Http\RequestHandlers; +use Fisharebest\Webtrees\Contracts\UserInterface; use Fisharebest\Webtrees\Http\ViewResponseTrait; use Fisharebest\Webtrees\I18N; use Fisharebest\Webtrees\Module\ModuleBlockInterface; use Fisharebest\Webtrees\Services\HomePageService; +use Fisharebest\Webtrees\Tree; use Psr\Http\Message\ResponseInterface; use Psr\Http\Message\ServerRequestInterface; use Psr\Http\Server\RequestHandlerInterface; +use function assert; use function route; /** @@ -54,14 +57,22 @@ class TreePageDefaultEdit implements RequestHandlerInterface */ public function handle(ServerRequestInterface $request): ResponseInterface { + $tree = $request->getAttribute('tree'); + assert($tree instanceof Tree); + + $user = $request->getAttribute('user'); + assert($user instanceof UserInterface); + $this->layout = 'layouts/administration'; $this->home_page_service->checkDefaultTreeBlocksExist(); - $main_blocks = $this->home_page_service->treeBlocks(-1, ModuleBlockInterface::MAIN_BLOCKS); - $side_blocks = $this->home_page_service->treeBlocks(-1, ModuleBlockInterface::SIDE_BLOCKS); + $default_tree = new Tree(-1, 'DEFAULT', 'DEFAULT'); + + $main_blocks = $this->home_page_service->treeBlocks($default_tree, $user, ModuleBlockInterface::MAIN_BLOCKS); + $side_blocks = $this->home_page_service->treeBlocks($default_tree, $user, ModuleBlockInterface::SIDE_BLOCKS); - $all_blocks = $this->home_page_service->availableTreeBlocks(); + $all_blocks = $this->home_page_service->availableTreeBlocks($tree, $user); $title = I18N::translate('Set the default blocks for new family trees'); $url_cancel = route(ControlPanel::class); $url_save = route(TreePageDefaultUpdate::class); diff --git a/app/Http/RequestHandlers/TreePageEdit.php b/app/Http/RequestHandlers/TreePageEdit.php index a3d1086e65..d8774d11f0 100644 --- a/app/Http/RequestHandlers/TreePageEdit.php +++ b/app/Http/RequestHandlers/TreePageEdit.php @@ -19,6 +19,7 @@ declare(strict_types=1); namespace Fisharebest\Webtrees\Http\RequestHandlers; +use Fisharebest\Webtrees\Contracts\UserInterface; use Fisharebest\Webtrees\Http\ViewResponseTrait; use Fisharebest\Webtrees\I18N; use Fisharebest\Webtrees\Module\ModuleBlockInterface; @@ -59,10 +60,13 @@ class TreePageEdit implements RequestHandlerInterface $tree = $request->getAttribute('tree'); assert($tree instanceof Tree); - $main_blocks = $this->home_page_service->treeBlocks($tree->id(), ModuleBlockInterface::MAIN_BLOCKS); - $side_blocks = $this->home_page_service->treeBlocks($tree->id(), ModuleBlockInterface::SIDE_BLOCKS); + $user = $request->getAttribute('user'); + assert($user instanceof UserInterface); - $all_blocks = $this->home_page_service->availableTreeBlocks(); + $main_blocks = $this->home_page_service->treeBlocks($tree, $user, ModuleBlockInterface::MAIN_BLOCKS); + $side_blocks = $this->home_page_service->treeBlocks($tree, $user, ModuleBlockInterface::SIDE_BLOCKS); + + $all_blocks = $this->home_page_service->availableTreeBlocks($tree, $user); $title = I18N::translate('Change the “Home page” blocks'); $url_cancel = route(TreePage::class, ['tree' => $tree->name()]); $url_save = route(TreePageUpdate::class, ['tree' => $tree->name()]); diff --git a/app/Http/RequestHandlers/TreePageUpdate.php b/app/Http/RequestHandlers/TreePageUpdate.php index 7f59cdd82c..ab39fa3d73 100644 --- a/app/Http/RequestHandlers/TreePageUpdate.php +++ b/app/Http/RequestHandlers/TreePageUpdate.php @@ -19,6 +19,7 @@ declare(strict_types=1); namespace Fisharebest\Webtrees\Http\RequestHandlers; +use Fisharebest\Webtrees\Contracts\UserInterface; use Fisharebest\Webtrees\Module\ModuleBlockInterface; use Fisharebest\Webtrees\Services\HomePageService; use Fisharebest\Webtrees\Tree; @@ -57,16 +58,21 @@ class TreePageUpdate implements RequestHandlerInterface $tree = $request->getAttribute('tree'); assert($tree instanceof Tree); + $user = $request->getAttribute('user'); + assert($user instanceof UserInterface); + $params = (array) $request->getParsedBody(); $defaults = (bool) ($params['defaults'] ?? false); if ($defaults) { - $main_blocks = $this->home_page_service->treeBlocks(-1, ModuleBlockInterface::MAIN_BLOCKS) + $default_tree = new Tree(-1, 'DEFAULT', 'DEFAULT'); + + $main_blocks = $this->home_page_service->treeBlocks($default_tree, $user, ModuleBlockInterface::MAIN_BLOCKS) ->map(static function (ModuleBlockInterface $block) { return $block->name(); }); - $side_blocks = $this->home_page_service->treeBlocks(-1, ModuleBlockInterface::SIDE_BLOCKS) + $side_blocks = $this->home_page_service->treeBlocks($default_tree, $user, ModuleBlockInterface::SIDE_BLOCKS) ->map(static function (ModuleBlockInterface $block) { return $block->name(); }); diff --git a/app/Http/RequestHandlers/UserPage.php b/app/Http/RequestHandlers/UserPage.php index 944131b916..ea48fe8e5e 100644 --- a/app/Http/RequestHandlers/UserPage.php +++ b/app/Http/RequestHandlers/UserPage.php @@ -19,6 +19,7 @@ declare(strict_types=1); namespace Fisharebest\Webtrees\Http\RequestHandlers; +use Fisharebest\Webtrees\Contracts\UserInterface; use Fisharebest\Webtrees\Http\ViewResponseTrait; use Fisharebest\Webtrees\I18N; use Fisharebest\Webtrees\Module\ModuleBlockInterface; @@ -62,6 +63,7 @@ class UserPage implements RequestHandlerInterface assert($tree instanceof Tree); $user = $request->getAttribute('user'); + assert($user instanceof UserInterface); $has_blocks = DB::table('block') ->where('user_id', '=', $user->id()) @@ -83,8 +85,8 @@ class UserPage implements RequestHandlerInterface } return $this->viewResponse('user-page', [ - 'main_blocks' => $this->home_page_service->userBlocks($user->id(), ModuleBlockInterface::MAIN_BLOCKS), - 'side_blocks' => $this->home_page_service->userBlocks($user->id(), ModuleBlockInterface::SIDE_BLOCKS), + 'main_blocks' => $this->home_page_service->userBlocks($tree, $user, ModuleBlockInterface::MAIN_BLOCKS), + 'side_blocks' => $this->home_page_service->userBlocks($tree, $user, ModuleBlockInterface::SIDE_BLOCKS), 'title' => I18N::translate('My page'), 'tree' => $tree, ]); diff --git a/app/Http/RequestHandlers/UserPageDefaultEdit.php b/app/Http/RequestHandlers/UserPageDefaultEdit.php index d5c57a939b..99ed9e3123 100644 --- a/app/Http/RequestHandlers/UserPageDefaultEdit.php +++ b/app/Http/RequestHandlers/UserPageDefaultEdit.php @@ -19,14 +19,17 @@ declare(strict_types=1); namespace Fisharebest\Webtrees\Http\RequestHandlers; +use Fisharebest\Webtrees\Contracts\UserInterface; use Fisharebest\Webtrees\Http\ViewResponseTrait; use Fisharebest\Webtrees\I18N; use Fisharebest\Webtrees\Module\ModuleBlockInterface; use Fisharebest\Webtrees\Services\HomePageService; +use Fisharebest\Webtrees\Tree; use Psr\Http\Message\ResponseInterface; use Psr\Http\Message\ServerRequestInterface; use Psr\Http\Server\RequestHandlerInterface; +use function assert; use function route; /** @@ -54,13 +57,21 @@ class UserPageDefaultEdit implements RequestHandlerInterface */ public function handle(ServerRequestInterface $request): ResponseInterface { + $tree = $request->getAttribute('tree'); + assert($tree instanceof Tree); + + $user = $request->getAttribute('user'); + assert($user instanceof UserInterface); + $this->layout = 'layouts/administration'; $this->home_page_service->checkDefaultUserBlocksExist(); - $main_blocks = $this->home_page_service->userBlocks(-1, ModuleBlockInterface::MAIN_BLOCKS); - $side_blocks = $this->home_page_service->userBlocks(-1, ModuleBlockInterface::SIDE_BLOCKS); - $all_blocks = $this->home_page_service->availableUserBlocks(); + $default_tree = new Tree(-1, 'DEFAULT', 'DEFAULT'); + + $main_blocks = $this->home_page_service->userBlocks($default_tree, $user, ModuleBlockInterface::MAIN_BLOCKS); + $side_blocks = $this->home_page_service->userBlocks($default_tree, $user, ModuleBlockInterface::SIDE_BLOCKS); + $all_blocks = $this->home_page_service->availableUserBlocks($tree, $user); $title = I18N::translate('Set the default blocks for new users'); $url_cancel = route('admin-users'); $url_save = route(UserPageDefaultUpdate::class); diff --git a/app/Http/RequestHandlers/UserPageEdit.php b/app/Http/RequestHandlers/UserPageEdit.php index 64b11c1b83..76b97d2ca5 100644 --- a/app/Http/RequestHandlers/UserPageEdit.php +++ b/app/Http/RequestHandlers/UserPageEdit.php @@ -19,6 +19,7 @@ declare(strict_types=1); namespace Fisharebest\Webtrees\Http\RequestHandlers; +use Fisharebest\Webtrees\Contracts\UserInterface; use Fisharebest\Webtrees\Http\ViewResponseTrait; use Fisharebest\Webtrees\I18N; use Fisharebest\Webtrees\Module\ModuleBlockInterface; @@ -59,10 +60,13 @@ class UserPageEdit implements RequestHandlerInterface $tree = $request->getAttribute('tree'); assert($tree instanceof Tree); + $user = $request->getAttribute('user'); + assert($user instanceof UserInterface); + $user = $request->getAttribute('user'); - $main_blocks = $this->home_page_service->userBlocks($user->id(), ModuleBlockInterface::MAIN_BLOCKS); - $side_blocks = $this->home_page_service->userBlocks($user->id(), ModuleBlockInterface::SIDE_BLOCKS); - $all_blocks = $this->home_page_service->availableUserBlocks(); + $main_blocks = $this->home_page_service->userBlocks($tree, $user, ModuleBlockInterface::MAIN_BLOCKS); + $side_blocks = $this->home_page_service->userBlocks($tree, $user, ModuleBlockInterface::SIDE_BLOCKS); + $all_blocks = $this->home_page_service->availableUserBlocks($tree, $user); $title = I18N::translate('Change the “My page” blocks'); $url_cancel = route(UserPage::class, ['tree' => $tree->name()]); $url_save = route(UserPageUpdate::class, ['tree' => $tree->name()]); diff --git a/app/Http/RequestHandlers/UserPageUpdate.php b/app/Http/RequestHandlers/UserPageUpdate.php index 9b87887639..4eb97ee384 100644 --- a/app/Http/RequestHandlers/UserPageUpdate.php +++ b/app/Http/RequestHandlers/UserPageUpdate.php @@ -19,6 +19,7 @@ declare(strict_types=1); namespace Fisharebest\Webtrees\Http\RequestHandlers; +use Fisharebest\Webtrees\Contracts\UserInterface; use Fisharebest\Webtrees\Module\ModuleBlockInterface; use Fisharebest\Webtrees\Services\HomePageService; use Fisharebest\Webtrees\Tree; @@ -57,16 +58,20 @@ class UserPageUpdate implements RequestHandlerInterface $tree = $request->getAttribute('tree'); assert($tree instanceof Tree); - $user = $request->getAttribute('user'); + $user = $request->getAttribute('user'); + assert($user instanceof UserInterface); + $params = (array) $request->getParsedBody(); $defaults = (bool) ($params['defaults'] ?? false); if ($defaults) { - $main_blocks = $this->home_page_service->userBlocks(-1, ModuleBlockInterface::MAIN_BLOCKS) + $default_tree = new Tree(-1, 'DEFAULT', 'DEFAULT'); + + $main_blocks = $this->home_page_service->userBlocks($default_tree, $user, ModuleBlockInterface::MAIN_BLOCKS) ->map(static function (ModuleBlockInterface $block) { return $block->name(); }); - $side_blocks = $this->home_page_service->userBlocks(-1, ModuleBlockInterface::SIDE_BLOCKS) + $side_blocks = $this->home_page_service->userBlocks($default_tree, $user, ModuleBlockInterface::SIDE_BLOCKS) ->map(static function (ModuleBlockInterface $block) { return $block->name(); }); |
